CVE-2013-5009
https://notcve.org/view.php?id=CVE-2013-5009
The Management Console in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 does not properly perform authentication, which allows remote authenticated users to gain privileges by leveraging access to a limited-admin account. La Consola de Administración en Symantec Endpoint Protection (SEP) 11.x anteriores a 11.0.7.4 y 12.x anteriores a 12.1.2 RU2 y Endpoint Protection Small Business Edition 12.x anteriores a 12.1.2 RU2 no realizan la autenticación de forma apropiada , lo cual permite a usuarios remotos autenticados obtener privilegios aprovechando el acceso a una cuenta de administrador limitada. • http://www.securityfocus.com/bid/64128 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140109_00 https://exchange.xforce.ibmcloud.com/vulnerabilities/90224 • CWE-287: Improper Authentication •
CVE-2013-5011
https://notcve.org/view.php?id=CVE-2013-5011
Unquoted Windows search path vulnerability in the client in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 allows local users to gain privileges via a crafted program in the %SYSTEMDRIVE% directory. Vulnerabilidad unquoted Windows search path en el cliente de Symantec Endpoint Protection (SEP) 11.x anteriores a 11.0.7.4 y 12.x anteriores a 12.1.2 RU2 y Endpoint Protection Small Business Edition 12.x anteriores a 12.1.2 RU2 permite a usuarios locales obtener privilegios a través de un programa manipulado en el directorio %SYSTEMDRIVE%. • http://www.securityfocus.com/bid/64130 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140109_00 https://exchange.xforce.ibmcloud.com/vulnerabilities/90226 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2012-4348
https://notcve.org/view.php?id=CVE-2012-4348
The management console in Symantec Endpoint Protection (SEP) 11.0 before RU7-MP3 and 12.1 before RU2, and Symantec Endpoint Protection Small Business Edition 12.x before 12.1 RU2, does not properly validate input for PHP scripts, which allows remote authenticated users to execute arbitrary code via unspecified vectors. La consola de administración de Symantec Endpoint Protection (SEP) v11.0 antes de RU7-MP3 y v12.1 antes de RU2 y Symantec Endpoint Protection Small Business Edition v12.x antes de v12.1 RU2, no valida correctamente la entrada para secuencias de comandos PHP, lo que permite a usuarios remotos autenticados ejecutar código arbitrario a través de vectores no especificados. • http://www.securityfocus.com/bid/56846 http://www.securitytracker.com/id?1027863 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20121210_00 • CWE-20: Improper Input Validation •
CVE-2012-4953
https://notcve.org/view.php?id=CVE-2012-4953
The decomposer engine in Symantec Endpoint Protection (SEP) 11.0, Symantec Endpoint Protection Small Business Edition 12.0, Symantec AntiVirus Corporate Edition (SAVCE) 10.x, and Symantec Scan Engine (SSE) before 5.2.8 does not properly perform bounds checks of the contents of CAB archives, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted file. El motor de descomposición en Symantec Endpoint Protection (SEP) v11.0, Symantec Endpoint Protection Small Business Edition v12.0, Symantec AntiVirus Corporate Edition (SAVCE) v10.x y Symantec Scan Engine (ESE) antes de v5.2.8 no realiza , de forma adecuada, comprobaciones sobre los límites de los contenidos de los archivos CAB, lo que permite a atacantes remotos provocar una denegación de servicio (por caída de la aplicación) o posiblemente ejecutar código de su elección a través de un archivo modificado. • http://www.kb.cert.org/vuls/id/985625 http://www.securityfocus.com/bid/56399 http://www.securitytracker.com/id?1027726 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20121107_00 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2012-1456
https://notcve.org/view.php?id=CVE-2012-1456
The TAR file parser in AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickHeal) 11.00, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Panda Antivirus 10.0.2.7, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, and Trend Micro HouseCall 9.120.0.1004 allows remote attackers to bypass malware detection via a TAR file with an appended ZIP file. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations. El analizador de archivos TAR en AVG Anti-Virus 10.0.0.1190, Quick Heal (también conocido como Cat QuickHeal) 11.00, Comodo Antivirus 7424, a-squared Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2 .254.0, Ikarus Virus Utilities Comando escáner de la línea T3 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee gateway (anteriormente Webwasher) 2010.1C, NOD32 Antivirus 5795 , Norman Antivirus 6.6.12, Panda Antivirus 10.0.2.7, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 de Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, y Trend Micro HouseCall 9.120. 0.1004 permite a atacantes remotos evitar la detección de malware a través de un archivo tar con un archivo ZIP adjunto. NOTA: esto más adelante se puede dividir en varios CVEs si la información adicional que se publica muestra que el error se produjo de forma independiente en diferentes implementaciones de tar analizador. • http://osvdb.org/80389 http://osvdb.org/80390 http://osvdb.org/80391 http://osvdb.org/80395 http://osvdb.org/80396 http://osvdb.org/80403 http://osvdb.org/80406 http://osvdb.org/80409 http://www.ieee-security.org/TC/SP2012/program.html http://www.securityfocus.com/archive/1/522005 http://www.securityfocus.com/bid/52608 https://exchange.xforce.ibmcloud.com/vulnerabilities/74289 • CWE-264: Permissions, Privileges, and Access Controls •